Migration from CentOS 5.6 to Scientific Linux 6.1

I migrated from CentOS 5.6 to Scientific Linux (may be a bit risky, but did it anyway). Works great so far.

Noticed a few minor issues when I restored my virtualmin domains. But otherwise worked great. Enjoying SNI without mod_gnut tls now :-)

  • Bind didn't work and needed a few adjustments, like rndc, remove allow-query and a couple of other small things (basically compared old and new config and fixed settings).
  • System logs module in webmin doesn't work
  • Deleting an Alias Domain did not remove the corresponding zone entry

I also see the following Postfix warnig messages now:

doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:21: protocols=imaps is no longer necessary, remove it doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:21: protocols=pop3s is no longer necessary, remove it
Status: 
Active

Comments

How did you do this migration exactly - was it an upgrade of the system, or did you backup all domains, reinstall the new os and then restore?

Joe's picture
Submitted by Joe on Sat, 08/13/2011 - 13:18 Pro Licensee

The System Logs module is related to the move to rsyslog instead of ksyslogd in RHEL/CentOS/SL version 6. This is incompatible with either of the syslog daemons Webmin's System Logs module supports at this time (which is syslog and syslog-ng)...though the actual logs are the same, and so Jamie can probably fix the log viewing in the next release; I'm not sure how long it will take to get the configuration file supported.

Jamie, http://www.rsyslog.com/ is the website of the new syslog in RHEL/CentOS/SL 6. Looks like a crazily complex configuration file, as it is a programming language for defining logging behavior, rather than a declarative language for specifying log locations and such. So, it seems really powerful, but also difficult to put a UI on top of.

Jamie Correct, backup and then restore. Redhat doesn't support upgrades between major releases unfortunately.

The syslog issue is a Webmin OS detection bug .. on CentOS 6, it should be looking at /etc/rsyslog.conf which has mainly the same format at classic syslog. I will fix this in the next Webmin release .. or you can go to Webmin -> Un-used Modules -> System Logs -> Module Config, and change the config file path to /etc/rsyslog.conf .

That works.

Another odd thing I noticed on SL 6.1.

I see the following error messages in the log. Used to work on CentOS 5.6 (with bleeding repo)

mod_fcgid: HTTP request length 138557 (so far) exceeds MaxRequestLen (131072)

Here is probably the explanation:

Before 2.3.6, this defaulted to 1GB. Most users of earlier versions should use this directive to set a more reasonable limit.

Yes, that's the reason .. annoyingly, in mod_fcgid 2.3.6 and later they made the max request length settable, but changed the default to 1GB, which I think was a poor design. Virtualmin tries to fix this by setting "FcgidMaxRequestLen, but the code to determine if this directive is available differs on a distro by distro basis .. and doesn't support CentOS 6 yet. I will fix that in the next Virtualmin release.

Sounds good. Thanks.

Were you able to reproduce some of the BIND issues? I did the migration on a live site, and had to try to find a quick fix asap (quite risky, but I have a lot of faith in you guys :-). Unfortunately during this hectic process I didn't think of writing down everything for you guys. So a lot of details got lost.

No, BIND worked fine for me .. could you tell us more about what fixes you had to make?

As mentioned already I did not think of writing down all the exact details :-)

But at a minimum I had to click run setup rndc (because apply zone didn't work) and in the end I had to remove comment out allow-query { address_match_list };.

Settings forAllow recursive queries from was also different. That's all I remember.

Odd, perhaps these are specific to Scientific Linux 6, because I don't see them after doing a fresh install on CentOS 6?

Correct, on a fresh install you won't see the error. I saw them when I restored virtual servers from 5.6 to 6.

I don't think it is a difference between SL and C (they are identical except for a one or two additional packages, which are not installed)

May be a difference between 6.0 and 6.1. Did you test 6.1?

Actually forget the SL 6.1 part. I tested SL 6.0 :-)

I am just so used after "yum update -y" that the system should be on the latest version. Not so on SL6 :-)

Ok, I see the cause of this now .. the default BIND config on CentOS 6 is really stupid, as it disallows queries from anything other than localhost. I'll update our installer to fix that..

Ok, great. Would you be so kind to post your "new" default BIND configuration here? I would like to compare.

And what about the "setup rndc necessary" issue. You were not able to reproduce that one?

I couldn't re-produce the rndc issue .. it was setup just fine for me.

As for the issue of BIND not answering queries, my fix was to edit /etc/named.conf and remove the line :

allow-query     { localhost; };

and change the lines :

listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };

to :

listen-on port 53 { any; };
listen-on-v6 port 53 { any; };